[英]how to use FTP SSL c#?
通過使用以下代碼,我的客戶端應用程序正在連接到安全 FTP 服務器並成功將文件推送到那里。 您是否認為以下方法仍然通過接受所有證書而留下安全漏洞。 如果是這樣,任何人都可以幫助我從我在 FTP 服務器上的客戶端傳遞特定證書。
public bool UploadFile(string FileName)
{
string ftpServerIP = FTPServer;
string ftpUserID = FTPUser;
string ftpPassword = FTPPwd;
FileInfo fileInf = new FileInfo(FileName);
string uri = "ftp://" + ftpServerIP + "/" + fileInf.Name;
FtpWebRequest reqFTP;
// Create FtpWebRequest object from the Uri provided
reqFTP = (FtpWebRequest)FtpWebRequest.Create(uri); //new Uri("ftp://" + ftpServerIP + DestinationFolder + fileInf.Name));
//Enable SSL
reqFTP.EnableSsl = true;
// Provide the WebPermission Credintials
reqFTP.Credentials = new NetworkCredential(ftpUserID, ftpPassword);
// By default KeepAlive is true, where the control connection is not closed after a command is executed.
reqFTP.KeepAlive = false;
//reqFTP.UsePassive = true;
// Specify the command to be executed.
reqFTP.Method = WebRequestMethods.Ftp.UploadFile;
//SSL Certificate
ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
// Specify the data transfer type.
reqFTP.UseBinary = true;
// Notify the server about the size of the uploaded file
reqFTP.ContentLength = fileInf.Length;
// The buffer size is set to 2kb
int buffLength = 2048;
byte[] buff = new byte[buffLength];
int contentLen;
// Opens a file stream (System.IO.FileStream) to read the file to be uploaded
FileStream fs = fileInf.OpenRead();
try
{
// Stream to which the file to be upload is written
Stream strm = reqFTP.GetRequestStream();
// Read from the file stream 2kb at a time
contentLen = fs.Read(buff, 0, buffLength);
// Till Stream content ends
while (contentLen != 0)
{
// Write Content from the file stream to the FTP Upload Stream
strm.Write(buff, 0, contentLen);
contentLen = fs.Read(buff, 0, buffLength);
}
// Close the file stream and the Request Stream
strm.Close();
fs.Close();
return true;
}
catch (Exception ex)
{
return false;
}
}
public bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
return true;
}
一個建議是查看ServicePointManager.ServerCertificateValidationCallback
這是一篇解決安全 FTP 並利用此方法的博客文章
如果您信任要將數據上傳到的 FTP 服務器,那么繞過服務器證書驗證不會有任何實際問題。 但是,如果您想從 FTP 服務器驗證服務器證書,請參閱 curtisk 發布的鏈接,其中包含有關如何驗證服務器證書的示例。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.